Critical Read

CIO Council proposes digital privacy measures

theft of SS card

Critical personal information needs protection as agencies put the Digital Government Strategy into motion. Today's thieves don't need gloves or access to your wallet. (Stock image)

As agencies put the Digital Government Strategy in motion in their offices, the government is addressing the hot-button issue of privacy with the release of recommendations from the CIO Council’s Privacy Committee. In a blog post dated Dec. 14, the council linked to a document with the recommendations, which can help agencies prepare for protecting private information as they implement the strategy.

“In helping to create a government for the 21st century, the strategy recognizes that federal agencies, as good data stewards, must adopt strong privacy, confidentiality and security safeguards to prevent the improper collection, use, retention or disclosure of personally identifiable information (PII) when developing and delivering such digital services and programs,” the document states.

It focuses on three central privacy controls for digital information: PII inventories, privacy impact assessments and privacy notices.

For PII inventories, the council includes a checklist of PII that is commonly collected and used in the digital environment, including the obvious — Social Security, credit card and driver’s license numbers, and government identification information — and the more obscure, such as biometric data and computer log and tracking data. However, the document also says agencies should account for information they will collect in the future, not just what they already store and use.

The document includes informal guidance for privacy impact assessments and directs agencies to establish processes for documenting and explaining what information is used, why it is collected, its intended uses and how the data will be secured. A list of suggested questions can help agencies better assess disclosure risks, plan for potential data breaches and manage how digital information is collected.

Additionally, the CIO Council outlines the basics of a strong privacy notice. Variations in context make it impossible to provide one notice that all agencies could use, so a checklist for key privacy notice elements is included in the document. The council says agencies will need to adjust their notices according to the specifics of their particular missions and as their use of data changes.

That flexibility is important. “Over time, agencies, digital developers, and data users may also create, discover, or propose new and innovative ways to combine, share or otherwise leverage the power of the digital data and content collected or disseminated by their digital services or programs,” the recommendations states.

About the Author

Amber Corrin is a former staff writer for FCW and Defense Systems.

FCW in Print

In the latest issue: Looking back on three decades of big stories in federal IT.

Featured

  • FCW @ 30 GPS

    FCW @ 30

    Since 1986, FCW has covered it all -- the major contracts, the disruptive technologies, the picayune scandals and the many, many people who make federal IT function. Here's a look back at six of the most significant stories.

  • Shutterstock image.

    A 'minibus' appropriations package could be in the cards

    A short-term funding bill is expected by Sept. 30 to keep the federal government operating through early December, but after that the options get more complicated.

  • Defense Secretary Ash Carter speaks at the TechCrunch Disrupt conference in San Francisco

    DOD launches new tech hub in Austin

    The DOD is opening a new Defense Innovation Unit Experimental office in Austin, Texas, while Congress debates legislation that could defund DIUx.

  • Shutterstock image.

    Merged IT modernization bill punts on funding

    A House panel approved a new IT modernization bill that appears poised to pass, but key funding questions are left for appropriators.

  • General Frost

    Army wants cyber capability everywhere

    The Army's cyber director said cyber, electronic warfare and information operations must be integrated into warfighters' doctrine and training.

  • Rising Star 2013

    Meet the 2016 Rising Stars

    FCW honors 30 early-career leaders in federal IT.

Reader comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group